Grindr, the popular gay dating app, has been in the spotlight lately for sharing users’ personal data with third-party entities. While it feels like everybody’s doing it these days, Grindr was reportedly sharing users’ HIV status and the date of their last test, as well as potentially identifying information like physical location, phone ID, and email addresses. Had that data leaked it could’ve been devastating.

The dating app has now released an apology, emphasizing that “Grindr has never sold, nor will we ever sell, personal user information–especially information regarding HIV status or last test date–to third parties or advertisers,” the company wrote in a Tumblr note and reiterated in a Facebook video. Grindr claims that no advertisers ever had access to HIV status or last test date, unless they viewed it in a user’s public profile.

The only third parties that have access to user data are “trusted contractors who help us roll out new features and deliver relevant messages to our users. They aren’t advertisers. They’re well-respected companies that take privacy and security as seriously as we do.” Two of them, Apptimize and Localytics, were given access to HIV status and last-test-date information while working on Grindr’s new HIV test reminders.

Moving forward, Grindr will isolate HIV status from other data so third parties won’t have access to it at all.

Not mentioned in the video? The security flaw that reportedly exposed location and other information users had restricted from their public profiles, which Grindr claimed last week it has since fixed.